[dns-operations] EDNS issue

Paul Vixie vixie at isc.org
Sat Feb 26 00:11:28 UTC 2011


> From: "George Barwood" <george.barwood at blueyonder.co.uk>
> Date: Fri, 25 Feb 2011 23:05:06 -0000
> 
> My resolver is using a different strategy, it uses EDNS with a buffer
> size of 1400 bytes, and falls back to TCP on truncation, avoiding
> fragmentation issues.
> 
> I'm not saying this is better but if the configuration issues prove
> insuperable, it might be a way forward.  If BIND repeatedly fails to
> receive responses > internet MTU, could it fall back to this strategy
> automatically?

i could see this as a BIND option, defaulting to off.  but we (all of us
hopefully but ISC certainly) have to keep working to make the internet
what it should be rather than just dealing with it as it is.  this means
in this context putting continuous pressure on people who build or
deploy bad middleboxes which break fragmentation.  we need that stuff to
get fixed and to see no more of it in the future.  backing down leads to
stuff like "just use tcp/80 everywhere since it's the only thing that's
known to work reliably."  james taylor put it this way, in "migration":

	Distant hands in foreign lands
	Are turning hidden wheels
	Causing things to come about
	Which no one seems to feel
	All invisible from where we stand
	The connections come to pass
	And though too strange to comprehend
	They affect us nonetheless, yes

> I also note the publication of RFC6013, "TCP Cookie Transactions"
> http://tools.ietf.org/search/rfc6013
> 
> Looks interesting.

see also the original usenix article on that same topic:

http://www.usenix.org/publications/login/2009-12/openpdfs/metzger.pdf
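
The strategy described in the quoted message (EDNS with a 1400-byte buffer, TCP retry on truncation), as an added example that is not part of the original thread and is not BIND's or any other resolver's code. The function names and the in-memory fake server are assumptions, constructed so the example runs offline.

```python
import struct

EDNS_UDP_SIZE = 1400   # advertised buffer size from the quoted message
TC_BIT = 0x0200        # "truncated" flag in the DNS header

def build_query(name, qtype, qid, udp_size=EDNS_UDP_SIZE):
    """DNS query with an EDNS0 OPT record advertising udp_size."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD, 1 question, 1 additional
    question = qname + struct.pack("!HH", qtype, 1)           # class IN
    # OPT pseudo-RR: root owner, TYPE 41, CLASS carries the UDP payload size
    opt = b"\x00" + struct.pack("!HHIH", 41, udp_size, 0, 0)
    return header + question + opt

def is_truncated(msg):
    if len(msg) < 12:
        raise ValueError("short DNS message")
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_BIT)

def resolve(name, qtype, qid, send_udp, send_tcp):
    """Ask over UDP with EDNS first; re-ask over TCP only if the reply has TC set."""
    query = build_query(name, qtype, qid)
    reply = send_udp(query)
    if reply[:2] != query[:2]:
        raise ValueError("reply ID does not match query ID")
    if not is_truncated(reply):
        return "udp", reply
    # DNS over TCP prefixes each message with a 2-byte length
    framed = send_tcp(struct.pack("!H", len(query)) + query)
    (length,) = struct.unpack("!H", framed[:2])
    return "tcp", framed[2:2 + length]

def make_fake_server(answer_len):
    """Constructed stand-in for a server whose full answer is answer_len (>= 12) bytes."""
    def respond(query, tcp):
        advertised = struct.unpack("!H", query[-8:-6])[0]  # CLASS field of trailing OPT
        flags, body = 0x8180, b"\x00" * (answer_len - 12)  # zero padding, not real records
        if not tcp and answer_len > advertised:
            flags, body = flags | TC_BIT, b""  # too big for the advertised buffer
        return query[:2] + struct.pack("!H", flags) + query[4:12] + body
    def udp(query):
        return respond(query, tcp=False)
    def tcp(framed):
        reply = respond(framed[2:], tcp=True)
        return struct.pack("!H", len(reply)) + reply
    return udp, tcp

if __name__ == "__main__":
    for size in (512, 1400, 1401, 3000):
        print(size, resolve("example.com", 48, 0x1234, *make_fake_server(size))[0])
```
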


